BUSINESS CONTINUITY PLAN
John Giordani, DIA
Doctor of Information Assurance -Technology Risk Manager - Information Assurance, and AI Governance Advisor - Adjunct Professor UoF
What is a plan that serves as a step-by-step guide that you can follow during an emergency? A business continuity plan.
Is a business continuity plan a sure shot method to survive a crisis? Will it instantly eliminate the impact of the disaster? No, but it gives you the best chances of survival.
We call a business continuity plan the process used to create the blueprints that will help your organization respond and recover, in useful ways, from an unforeseen disaster or mishap. Business continuity plans help in case of events like natural disasters, pandemics, or accidents that involve only your place of business like fire or a cybercrime attack directed at your business in particular; basically, any event that can paralyze your business.
A business continuity plan helps retain clients, salvaging your brand, image, and reputation by addressing beforehand situations where you might not be able to communicate with your clients. It can help reduce client dissatisfaction. Even if only your business is affected by certain events such as ransomware attacks, data leaks, or virus attacks, having a business continuity plan can be a godsend in times of such crisis.
Essentially your business continuity plan should be composed of nine essential items:
- Lists of your key contacts – HR, C-level execs, IT, client relationship managers, etc.,
- Lists of your comprehensive IT inventory – Software, apps, and hardware.
- Data backups – critical to your recovery.
- Plan B – Cold, hot storage, alternative sites, BYOD plans.
- Your building/office space floor plans.
- SOPs - a set of step-by-step instructions compiled by your organization to help workers carry out complex routine operations.
- Regular audits of your business continuity plan – to ensure its relevancy and up-to-date information.
- Have a team – for your business continuity project.
- Drills – run regular dry run and mock drills
Regardless of the size of your organization, business continuity planning is vital. Bigger organizations often have their own staff (IT/non-IT) for business continuity planning, but for small businesses and non-profits to have their own business continuity planning team can be a bit of a challenge, and not always there are available resources. Consider teaming up with a managed Service Provider, or Managed Security Service Provider who is experienced in disaster recovery planning, so you don’t cut corners now to regret later.
https://cybersimplicity.blogspot.com/